[PATCH] Smack: Fix memory leak in smack_inode_getsecctx

From: Casey Schaufler
Date: Fri Jun 01 2018 - 13:45:26 EST


Fix memory leak in smack_inode_getsecctx

The implementation of smack_inode_getsecctx() made
incorrect assumptions about how Smack presents a security
context. Smack does not need to allocate memory to support
security contexts, so "releasing" a Smack context is a no-op.
The code made an unnecessary copy and returned that as a
context, which was never freed. The revised implementation
returns the context correctly.

Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
---
security/smack/smack_lsm.c | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 0b414836bebd..5e3beae334a8 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1545,9 +1545,9 @@ static int smack_inode_listsecurity(struct inode *inode, char *buffer,
*/
static void smack_inode_getsecid(struct inode *inode, u32 *secid)
{
- struct inode_smack *isp = inode->i_security;
+ struct smack_known *skp = smk_of_inode(inode);

- *secid = isp->smk_inode->smk_secid;
+ *secid = skp->smk_secid;
}

/*
@@ -4538,12 +4538,10 @@ static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)

static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)
{
- int len = 0;
- len = smack_inode_getsecurity(inode, XATTR_SMACK_SUFFIX, ctx, true);
+ struct smack_known *skp = smk_of_inode(inode);

- if (len < 0)
- return len;
- *ctxlen = len;
+ *ctx = skp->smk_known;
+ *ctxlen = strlen(skp->smk_known);
return 0;
}